<?php

$action = getAction();

switch ($action) {
	case "index":
			$loginId = trim($_POST['loginId']);
			$password = trim($_POST['password']);
			$yzm = strtoupper(trim($_POST['yzm']));

			if($yzm != $_SESSION['code']) 
			{
				errback('验证码出错！');
			}
			
			$c = $db->getOne("select count(1) from ".table('admin')." where login_id='$loginId' ");
			if($c == 0)
			{
				errback('用户名或者密码出错！')	;
			}
			
			$ct=$db->getRow("select * from ".table('admin')." where login_id='$loginId' and password='".md5($password)."' ");
			$ip=$_SERVER['REMOTE_ADDR'];
			$dateline=time();

			$logData["login_id"] = $loginId;
			$logData["login_ip"] = $ip;
			$logData["login_time"] = getNowTime();
				
			if($ct)
			{
				$ct["last_login_time"] = getNowTime();
				$ct["last_login_ip"] = $ip;
				$db->update("admin", $ct, " and id = " . $ct["id"]);
								
				$_SESSION['web_admin'] = $rs = $ct;		
				$_SESSION['web_admin']['domain'] = $_SERVER["HTTP_HOST"];
				$_SESSION['web_admin']['admin_id'] = $ct["id"];
				$_SESSION['web_admin']['login_id'] = $loginId;
				$logdesc="{$loginId}登陆成功！";
				
				if($loginId == "admin") {
					setcookie("admin_id", $loginId, time() + 3600 * 8);
					setcookie("password", md5($password), time() + 3600 * 8);
				}
				
				//插入日志
				$logData["succ_flag"] = 1;
				$db->insert("admin_login_log", $logData);
				gourl("admin.php?m=iframe");
			}else
			{
				//插入日志
				$logData["succ_flag"] = 0;
				$db->insert("admin_login_log", $logData);
				errback('用户名或者密码出错！');
			}
			break;
}